NEAS[.]cb1d22a8ad21fbc7c42ec2ba0cc47f50[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.cb1d22a8ad21fbc7c42ec2ba0cc47f50.exe
Size

1.3MB
MD5

cb1d22a8ad21fbc7c42ec2ba0cc47f50
SHA1

0c1307afa7cfd5a7d92058bc8eb371ad5ca29070
SHA256

a520da1f2484229b77e1264cf1b2e0fa58d5b23d6d35da1344e972a8681be2b2
SHA512

370c5ab72d857970ec144736b58c2b612a5e31c9a3fc2d1d4ee92b5aabe0ebbefb36a2bfee75d7c7ca4ddd5803b9d9fe281fb63871dbe66df9d67c203eb8a01d
SSDEEP

24576:Orht9uwbMJhFm0iCZix1y0NEsfftOFXOO:chLun3FEx1y0N7ftOp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.cb1d22a8ad21fbc7c42ec2ba0cc47f50.exe

Files

NEAS.cb1d22a8ad21fbc7c42ec2ba0cc47f50.exe
.exe windows:1 windows x86

aefdd6afcd1e99cd3fdcd3cb19a8dbe9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenW
lstrlenA
lstrcpyA
WriteFile
VirtualFree
VirtualAlloc
UnlockFile
Sleep
SetUnhandledExceptionFilter
SetThreadContext
SetHandleCount
SetFilePointer
SetFileAttributesA
SetErrorMode
SetCurrentDirectoryA
SetConsoleCtrlHandler
ReadFile
MulDiv
MoveFileA
LockFile
HeapFree
HeapCreate
HeapAlloc
GlobalMemoryStatus
GetVersionExA
GetTimeZoneInformation
GetThreadContext
GetStdHandle
GetProcessHeap
GetModuleHandleA
GetModuleFileNameA
GetLocalTime
GetLastError
GetFileType
GetFileSize
GetDiskFreeSpaceExA
GetCurrentThread
GetCurrentProcess
GetCurrentDirectoryA
GetCommandLineA
FlushFileBuffers
FindNextFileA
FindFirstFileA
FileTimeToSystemTime
ExitProcess
DuplicateHandle
DeleteFileA
CreateFileA
CreateDirectoryA
CopyFileA
CloseHandle

gdi32

TextOutW
TextOutA
StartPage
StartDocA
SetTextColor
SetMapMode
SetBkColor
SelectObject
GetTextMetricsA
GetDeviceCaps
EndPage
EndDoc
DeleteObject
DeleteDC
CreateSolidBrush
CreateFontIndirectA
CreateFontA
CreateDCA

user32

ValidateRect
TranslateMessage
TrackPopupMenuEx
SystemParametersInfoA
ShowWindow
ShowCaret
SetFocus
SetCaretPos
SendMessageA
RegisterClassExA
PeekMessageA
MessageBoxW
MessageBoxExA
MessageBoxA
MessageBeep
LoadIconA
LoadCursorA
InvalidateRect
InsertMenuItemA
HideCaret
GetSystemMetrics
GetSysColor
GetKeyState
GetDC
EndPaint
DispatchMessageA
DestroyWindow
DestroyMenu
DefWindowProcA
CreateWindowExA
CreatePopupMenu
CreateMenu
CreateCaret
BeginPaint
AppendMenuW
AppendMenuA

winspool.drv

OpenPrinterA
EnumPrintersA
DocumentPropertiesA

Sections

.text
Size: 547KB - Virtual size: 548KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 211KB - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 284KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 43KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.debug
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aefdd6afcd1e99cd3fdcd3cb19a8dbe9

Headers

File Characteristics

Imports

kernel32

gdi32

user32

winspool.drv

Sections

.text Size: 547KB - Virtual size: 548KB

.data Size: 211KB - Virtual size: 212KB

.bss Size: - Virtual size: 284KB

.idata Size: 3KB - Virtual size: 4KB

.reloc Size: 43KB - Virtual size: 44KB

.debug Size: 512B - Virtual size: 4KB

.text
Size: 547KB - Virtual size: 548KB

.data
Size: 211KB - Virtual size: 212KB

.bss
Size: - Virtual size: 284KB

.idata
Size: 3KB - Virtual size: 4KB

.reloc
Size: 43KB - Virtual size: 44KB

.debug
Size: 512B - Virtual size: 4KB